1 |
commit: 576416b15056b11df59e03473e4e82037d74ee9b |
2 |
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Feb 14 19:46:32 2017 +0000 |
4 |
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Feb 14 19:47:08 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=576416b1 |
7 |
|
8 |
net-misc/openvpn: fix bug 608244 |
9 |
|
10 |
Package-Manager: Portage-2.3.3, Repoman-2.3.1 |
11 |
|
12 |
.../openvpn/files/openvpn-2.4.0-fix-libressl.patch | 21 +++++++++++++++++++++ |
13 |
net-misc/openvpn/openvpn-2.4.0-r1.ebuild | 1 + |
14 |
2 files changed, 22 insertions(+) |
15 |
|
16 |
diff --git a/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch |
17 |
new file mode 100644 |
18 |
index 0000000000..4c3aca5d5a |
19 |
--- /dev/null |
20 |
+++ b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch |
21 |
@@ -0,0 +1,21 @@ |
22 |
+diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c |
23 |
+index 8266595..a889332 100644 |
24 |
+--- a/src/openvpn/ssl_openssl.c |
25 |
++++ b/src/openvpn/ssl_openssl.c |
26 |
+@@ -508,10 +508,13 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name |
27 |
+ const EC_GROUP *ecgrp = NULL; |
28 |
+ EVP_PKEY *pkey = NULL; |
29 |
+ |
30 |
+- /* Little hack to get private key ref from SSL_CTX, yay OpenSSL... */ |
31 |
+- SSL ssl; |
32 |
+- ssl.cert = ctx->ctx->cert; |
33 |
+- pkey = SSL_get_privatekey(&ssl); |
34 |
++ SSL *ssl = SSL_new(ctx->ctx); |
35 |
++ if (!ssl) |
36 |
++ { |
37 |
++ crypto_msg(M_FATAL, "SSL_new failed"); |
38 |
++ } |
39 |
++ pkey = SSL_get_privatekey(ssl); |
40 |
++ SSL_free(ssl); |
41 |
+ |
42 |
+ msg(D_TLS_DEBUG, "Extracting ECDH curve from private key"); |
43 |
|
44 |
diff --git a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild |
45 |
index 1b64d5b698..bd85309308 100644 |
46 |
--- a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild |
47 |
+++ b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild |
48 |
@@ -52,6 +52,7 @@ CONFIG_CHECK="~TUN" |
49 |
|
50 |
PATCHES=( |
51 |
"${FILESDIR}/${PN}-external-cmocka.patch" |
52 |
+ "${FILESDIR}/${PN}-2.4.0-fix-libressl.patch" |
53 |
) |
54 |
|
55 |
pkg_setup() { |